Add duplication APIs to ASN1_TIME and related types

Fixes #10600.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/10823)

crypto/asn1/a_gentm.c

@@ -16,6 +16,9 @@
 #include "internal/cryptlib.h"
 #include <openssl/asn1.h>
 #include "asn1_local.h"
+#include <openssl/asn1t.h>
+
+IMPLEMENT_ASN1_DUP_FUNCTION(ASN1_GENERALIZEDTIME)
 
 /* This is the primary function used to parse ASN1_GENERALIZEDTIME */
 int asn1_generalizedtime_to_tm(struct tm *tm, const ASN1_GENERALIZEDTIME *d)

crypto/asn1/a_time.c

@@ -24,6 +24,7 @@
 IMPLEMENT_ASN1_MSTRING(ASN1_TIME, B_ASN1_TIME)
 
 IMPLEMENT_ASN1_FUNCTIONS(ASN1_TIME)
+IMPLEMENT_ASN1_DUP_FUNCTION(ASN1_TIME)
 
 static int is_utc(const int year)
 {

crypto/asn1/a_utctm.c

@@ -12,6 +12,9 @@
 #include "internal/cryptlib.h"
 #include <openssl/asn1.h>
 #include "asn1_local.h"
+#include <openssl/asn1t.h>
+
+IMPLEMENT_ASN1_DUP_FUNCTION(ASN1_UTCTIME)
 
 /* This is the primary function used to parse ASN1_UTCTIME */
 int asn1_utctime_to_tm(struct tm *tm, const ASN1_UTCTIME *d)

doc/man3/ASN1_TIME_set.pod

@@ -13,7 +13,8 @@ ASN1_TIME_print, ASN1_UTCTIME_print, ASN1_GENERALIZEDTIME_print,
 ASN1_TIME_diff,
 ASN1_TIME_cmp_time_t, ASN1_UTCTIME_cmp_time_t,
 ASN1_TIME_compare,
-ASN1_TIME_to_generalizedtime - ASN.1 Time functions
+ASN1_TIME_to_generalizedtime,
+ASN1_TIME_dup, ASN1_UTCTIME_dup, ASN1_GENERALIZEDTIME_dup - ASN.1 Time functions
 
 =head1 SYNOPSIS
 
@@ -58,6 +59,10 @@ ASN1_TIME_to_generalizedtime - ASN.1 Time functions
  ASN1_GENERALIZEDTIME *ASN1_TIME_to_generalizedtime(ASN1_TIME *t,
                                                     ASN1_GENERALIZEDTIME **out);
 
+ ASN1_TIME *ASN1_TIME_dup(const ASN1_TIME *t);
+ ASN1_UTCTIME *ASN1_UTCTIME_dup(const ASN1_UTCTIME *t);
+ ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_dup(const ASN1_GENERALIZEDTIME *t);
+
 =head1 DESCRIPTION
 
 The ASN1_TIME_set(), ASN1_UTCTIME_set() and ASN1_GENERALIZEDTIME_set()
@@ -131,6 +136,10 @@ The ASN1_TIME_to_generalizedtime() function converts an B<ASN1_TIME> to an
 B<ASN1_GENERALIZEDTIME>, regardless of year. If either I<out> or
 I<*out> are NULL, then a new object is allocated and must be freed after use.
 
+The ASN1_TIME_dup(), ASN1_UTCTIME_dup() and ASN1_GENERALIZEDTIME_dup() functions
+duplicate the time structure I<t> and return the duplicated result
+correspondingly.
+
 =head1 NOTES
 
 The B<ASN1_TIME> structure corresponds to the ASN.1 structure B<Time>
@@ -210,6 +219,9 @@ or 1 if I<a> is after I<b>. -2 is returned on error.
 ASN1_TIME_to_generalizedtime() returns a pointer to the appropriate time
 structure on success or NULL if an error occurred.
 
+ASN1_TIME_dup(), ASN1_UTCTIME_dup() and ASN1_GENERALIZEDTIME_dup() return a
+pointer to a time structure or NULL if an error occurred.
+
 =head1 EXAMPLES
 
 Set a time structure to one hour after the current time and print it out:

include/openssl/asn1.h

@@ -599,6 +599,10 @@ DECLARE_ASN1_FUNCTIONS(ASN1_UTCTIME)
 DECLARE_ASN1_FUNCTIONS(ASN1_GENERALIZEDTIME)
 DECLARE_ASN1_FUNCTIONS(ASN1_TIME)
 
+DECLARE_ASN1_DUP_FUNCTION(ASN1_TIME)
+DECLARE_ASN1_DUP_FUNCTION(ASN1_UTCTIME)
+DECLARE_ASN1_DUP_FUNCTION(ASN1_GENERALIZEDTIME)
+
 DECLARE_ASN1_ITEM(ASN1_OCTET_STRING_NDEF)
 
 ASN1_TIME *ASN1_TIME_set(ASN1_TIME *s, time_t t);

test/asn1_time_test.c

@@ -320,6 +320,65 @@ static int test_table_compare(int idx)
     return TEST_int_eq(ASN1_TIME_compare(&td->t1, &td->t2), td->result);
 }
 
+static int test_time_dup(void)
+{
+    int ret = 0;
+    ASN1_TIME *asn1_time = NULL;
+    ASN1_TIME *asn1_time_dup = NULL;
+    ASN1_TIME *asn1_gentime = NULL;
+
+    asn1_time = ASN1_TIME_adj(NULL, time(NULL), 0, 0);
+    if (asn1_time == NULL) {
+        TEST_info("Internal error.");
+        goto err;
+    }
+
+    asn1_gentime = ASN1_TIME_to_generalizedtime(asn1_time, NULL);
+    if (asn1_gentime == NULL) {
+        TEST_info("Internal error.");
+        goto err;
+    }
+
+    asn1_time_dup = ASN1_TIME_dup(asn1_time);
+    if (!TEST_ptr_ne(asn1_time_dup, NULL)) {
+        TEST_info("ASN1_TIME_dup() failed.");
+        goto err;
+    }
+    if (!TEST_int_eq(ASN1_TIME_compare(asn1_time, asn1_time_dup), 0)) {
+        TEST_info("ASN1_TIME_dup() duplicated non-identical value.");
+        goto err;
+    }
+    ASN1_STRING_free(asn1_time_dup);
+
+    asn1_time_dup = ASN1_UTCTIME_dup(asn1_time);
+    if (!TEST_ptr_ne(asn1_time_dup, NULL)) {
+        TEST_info("ASN1_UTCTIME_dup() failed.");
+        goto err;
+    }
+    if (!TEST_int_eq(ASN1_TIME_compare(asn1_time, asn1_time_dup), 0)) {
+        TEST_info("ASN1_UTCTIME_dup() duplicated non-identical UTCTIME value.");
+        goto err;
+    }
+    ASN1_STRING_free(asn1_time_dup);
+
+    asn1_time_dup = ASN1_GENERALIZEDTIME_dup(asn1_gentime);
+    if (!TEST_ptr_ne(asn1_time_dup, NULL)) {
+        TEST_info("ASN1_GENERALIZEDTIME_dup() failed.");
+        goto err;
+    }
+    if (!TEST_int_eq(ASN1_TIME_compare(asn1_gentime, asn1_time_dup), 0)) {
+        TEST_info("ASN1_GENERALIZEDTIME_dup() dup'ed non-identical value.");
+        goto err;
+    }
+
+    ret = 1;
+ err:
+    ASN1_STRING_free(asn1_time);
+    ASN1_STRING_free(asn1_gentime);
+    ASN1_STRING_free(asn1_time_dup);
+    return ret;
+}
+
 int setup_tests(void)
 {
     /*
@@ -354,5 +413,6 @@ int setup_tests(void)
 #endif
     }
     ADD_ALL_TESTS(test_table_compare, OSSL_NELEM(tbl_compare_testdata));
+    ADD_TEST(test_time_dup);
     return 1;
 }

util/libcrypto.num

@@ -4915,3 +4915,6 @@ EVP_PKEY_CTX_new_from_name              ?	3_0_0	EXIST::FUNCTION:
 EVP_PKEY_CTX_new_from_pkey              ?	3_0_0	EXIST::FUNCTION:
 OSSL_SELF_TEST_set_callback             ?	3_0_0	EXIST::FUNCTION:
 OSSL_SELF_TEST_get_callback             ?	3_0_0	EXIST::FUNCTION:
+ASN1_TIME_dup                           ?	3_0_0	EXIST::FUNCTION:
+ASN1_UTCTIME_dup                        ?	3_0_0	EXIST::FUNCTION:
+ASN1_GENERALIZEDTIME_dup                ?	3_0_0	EXIST::FUNCTION: